• Buff – HackTheBox writeup
    Buff is a retired vulnerable Windows machine available from HackTheBox. The machine maker is egotisticalSW, thank you. It has an Easy difficulty with a rating of 3.6 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
  • Visual Studio Code Remote Sync to SiteGround Shared Hosting
    There are files (e.g. PHP files, config files) I need to maintain at my SiteGround shared hosting. Using FTP, File Manager or SSH into the server and make changes are not idea. I would like to use Visual Studio Code to make changes remotely. How can I do that? Typically, Visual Studio Code Development on […]
  • Bitlocker Device Encryption with TPM (Trusted Platform Module) on Windows 10
    I have a AMD Ryzen 7 3700X build with Asus TUF Gaming X570-Plus motherboard. To improve security of the system, I decided to perform full disk encryption on Windows 10. There are 2 methods Windows 10 offers: Device Encryption and BitLocker Encryption. Device Encryption Device encryption may or may not be available on your system […]
  • Guide to install pfSense 2.5.2
    This is an updated installation guide in according to the installation guide for pfSense 2.4.4 I posted couple years ago. You can reference it on how to create USB installer. Note: The installation process for pfSense 2.5.2 vs pfSense 2.4.4 is mostly the same with minor differences. Minimum Hardware Requirements 64-bit amd64 (x86-64) compatible CPU […]
  • Tabby – HackTheBox writeup
    Tabby is a retired vulnerable Linux machine available from HackTheBox. The machine makers are egre55, thank you. It has an Easy difficulty with a rating of 4.8 out of 10. This is a nice box. I enjoy it and learn something new. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. […]
  • Blunder – HackTheBox writeup
    Blunder is a retired vulnerable Linux machine available from HackTheBox. The machine maker is egotisticalSW, thank you. It has an Easy difficulty with a rating of 4.1 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. No automated tools are needed. The goal is to obtain root shell […]
  • Cache – HackTheBox writeup
    Cache is a retired vulnerable Linux machine available from HackTheBox. The machine maker is ASHacker, thank you. It has an Medium difficulty with a rating of 5 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
  • Admirer – HackTheBox writeup
    Admirer is a retired vulnerable Linux machine available from HackTheBox. The machine makers are polarbearer & GibParadox, thank you. It has an Easy difficulty with a rating of 5.3 out of 10. This is a great box. I really enjoy it. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The […]
  • Curling – HackTheBox writeup
    Curling is a retired vulnerable Linux machine available from HackTheBox. The machine maker is L4mpje, thank you. It has an Easy difficulty with a rating of 4.4 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
  • How to use Windows 10 RemoteFX with GPU acceleration and sound in Hyper-v
    I was looking for a way to pass through GPU acceleration to virtual machines for some processing tasks. However, most methods (such as DDA or VMware ESXi) requires specific server hardware, server hypervisor OS, support CPU & motherboard firmware. Sadly, I don’t have matching specification to use those methods. Then I come across RemoteFX. While […]
  • Remote – HackTheBox writeup
    Remote is a retired vulnerable Windows machine available from HackTheBox. The machine maker is mrb3n, thank you. It has an Easy difficulty with a rating of 4.7 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. No automated tools are needed. The goal is to obtain root shell […]
  • How to turn off all RGB lights on my 3700X PC build
    My build: Ryzen 7 3700X Build with Asus TUF Gaming X570-Plus While the RGB lights in my PC build add beautiful lighting effects to the computer, there are time and situation when you don’t want those flashy RGB lights. In my case, my PC build is used as a work machine, not a gaming machine. […]
  • Ryzen 7 3700X $2K Build with Asus TUF Gaming X570-Plus
    My last PC build was an Intel i7-4770K with Asus Z87-Plus. It serves me well for many years. But has recently been giving me different issues. It’s about time to build another one before it runs out on me. The AMD 3rd GEN seems very promising so this time I would like to try out […]
  • Jarvis – HackTheBox writeup
    Jarvis is a retired vulnerable machine available from HackTheBox. The machine maker is manulqwerty & Ghostpp7, thank you. It has a Medium difficulty with a rating of 4.9 out of 10. I think it’s somewhat between easy & medium. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is […]
  • Continuous Deployment using AWS CodeBuild with CDK for Next.js
    Typically in AWS environment, we use CodePipeline as the orchestrator to build, test and deploy our application/service. But in some scenario such as deploying static websites, we may just need to achieve simple continuous deployment. In these cases, we don’t need the full blown deployment pipeline for staging and approval process. We can simply use […]
  • Mirai – HackTheBox writeup
    Mirai is a retired vulnerable machine available from HackTheBox. The machine maker is Arrexel, thank you. It is a pretty easy machine with a difficulty rating of 3.7 out of 10. No automated tools are required to solve the machine. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal […]
  • Deploying Static React Next.js to AWS S3
    Next.js is the React Framework that helps deploying a static website or dynamic website with server side rendering. This post will illustrates how to host a simple React application on AWS S3 using Next.js framework. Node.js is required. Setup Next.js project npm init next-app This command will ask couple simple questions including project name & […]
  • Setup on-premise NFS file share using AWS File Gateway
    AWS File gateway, running as a VM server locally, can act as a NFS or SMB file share to actually store your files at AWS S3. Your on-premise machines can then connect and mount the file share to access data stored at S3 as if they are available locally. This can be a great first […]
  • Migrating React SPA from .NET Core to Next.js
    The post looks at some options moving forward for developing applications using React/Angular/Vue with ASP.NET Core. Each option has it’s own advantage and short comings depending on the application requirements. SpaServices & NodeServices going away SpaServices and NodeServices become deprecated, starting at .NET Core 3.1. And they will be removed when .NET 5 arrives. .NET […]
  • Writeup – HackTheBox writeup
    Exploitation Summary Initial Exploitation Vulnerability: SQL Injection vulnerability of CMS Made Easy Explanation: CMS Made Easy version 2.2.9.1 has a SQL Injection vulnerability that results in exposure to login id and password hash Privilege Escalation Vulnerability: Hijack Command Execution by Path Interception Explanation: A writable bin folder exists in the execution search PATH and is […]
Close Menu